[buck2] always sanitize env vars if on buck2

Summary:
One more way that Infer environment variables may poison local buck2 actions is through `query`. That is, if a query command is first executed with Infer environment variables set, these will be recorded and cached by buck2. If afterwards a `build` is executed, the cached environment variables will be used even if the build command is run without them set.

This diff removes Infer variables unconditionally when executing any buck2 subcommand.

Differential Revision:
D52950290

Privacy Context Container: L1122176

fbshipit-source-id: d80688d77d479c69237efff76d317abee9c1e373

infer/src/integration/Buck.ml

@@ -52,7 +52,7 @@ let infer_vars_to_kill =
     To achieve this we need to do two things: (i) tell the JVM not to use signals, meaning it leaves
     the default handler for [SIGQUIT] in place; (ii) uninstall the default handler for [SIGQUIT]
     because now that the JVM doesn't touch it, it will lead to process death. *)
-let wrap_buck_call ?(extend_env = []) ?(kill_infer_env_vars = false) version ~label cmd =
+let wrap_buck_call ?(extend_env = []) version ~label cmd =
   let is_buck2 = match (version : version) with V1 -> false | V2 -> true in
   let stdout_file =
     let prefix = Printf.sprintf "%s_%s" (binary_of_version version) label in
@@ -93,7 +93,7 @@ let wrap_buck_call ?(extend_env = []) ?(kill_infer_env_vars = false) version ~la
       (buck_extra_java_args_env_var, new_buck_extra_java_args) :: extend_env
   in
   let env =
-    if kill_infer_env_vars then
+    if is_buck2 then
       `Override
         ( List.map infer_vars_to_kill ~f:(fun var -> (var, None))
         @ List.map env_vars ~f:(fun (lhs, rhs) -> (lhs, Some rhs)) )

infer/src/integration/Buck.mli

@@ -23,12 +23,7 @@ module Target : sig
 end
 
 val wrap_buck_call :
-     ?extend_env:(string * string) list
-  -> ?kill_infer_env_vars:bool
-  -> version
-  -> label:string
-  -> string list
-  -> string list
+  ?extend_env:(string * string) list -> version -> label:string -> string list -> string list
 (** Wrap a call to buck while (i) logging standard error to our standard error in real time; (ii)
     redirecting standard out to a file, the contents of which are returned; (iii) protect the child
     process from [SIGQUIT].
@@ -37,8 +32,7 @@ val wrap_buck_call :
     [(variable, value)] that will extend the environment of the subprocess; [label] is appended to
     [buck_] to make the prefix of the temporary file storing the standard output of the command, for
     quick identification; [cmd] is a list of strings making up the shell command to execute; the
-    return value is the standard output of the command split on newlines. If [kill_infer_env_vars]
-    is true then all Infer environment variables will be unset in the child process.Absint *)
+    return value is the standard output of the command split on newlines. *)
 
 val config : BuckMode.t -> version -> string list
 (** return list of string parameters of the form

infer/src/integration/Buck2Clang.ml

@@ -37,8 +37,7 @@ let capture build_cmd =
     in
     let buck2_build_args = buck2_build_cmd @ capture_buck2_args build_report_file in
     L.debug Capture Verbose "%s %s@." prog (List.to_string ~f:Fn.id buck2_build_args) ;
-    Buck.wrap_buck_call ~kill_infer_env_vars:true V2 ~label:"build" (prog :: buck2_build_args)
-    |> ignore ;
+    Buck.wrap_buck_call V2 ~label:"build" (prog :: buck2_build_args) |> ignore ;
     let infer_deps_lines =
       BuckBuildReport.parse_infer_deps ~root:Config.buck2_root ~build_report_file
     in

infer/src/integration/BxlCapture.ml

@@ -32,8 +32,7 @@ let run_capture buck2_build_cmd =
   L.debug Capture Quiet "Processed buck2 bxl command '%a'@\n" (Pp.seq F.pp_print_string)
     buck2_build_cmd ;
   let infer_deps_lines =
-    Buck.wrap_buck_call ~extend_env:[] ~kill_infer_env_vars:true V2 ~label:"build"
-      ("buck2" :: buck2_build_cmd)
+    Buck.wrap_buck_call ~extend_env:[] V2 ~label:"build" ("buck2" :: buck2_build_cmd)
     |> List.fold ~init:[] ~f:(traverse ~root:Config.buck2_root (Visited.create 11))
     |> List.dedup_and_sort ~compare:String.compare
   in